Composite Materialshttps://blogs.oracle.com/rtenhove/
Ron Ten-Hove's Weblogen-usCopyright 2008Thu, 25 Sep 2008 07:11:10 +0000Apache Roller BLOGS401ORA6 (20130904125427)https://blogs.oracle.com/rtenhove/entry/book_review_symmetry_a_journeyBook review: Symmetry, A Journey into the Patterns of Naturertenhovehttps://blogs.oracle.com/rtenhove/entry/book_review_symmetry_a_journey
Tue, 23 Sep 2008 19:40:56 +0000GeneralbooksmathematicssymmetryLast month I was set to spend two weeks along the headwaters of the Saint Lawrence River, on holiday. Of course, this required suitable reading material. On impulse I grabbed Marcus du Sautoy's book on Symmetry from the "new books" section of one of my local libraries. The title intrigued me, although I knew nothing of the author.
<p>
My impulse was a very good one. This book is a wonderful exploration of the mathematics of symmetry. It has two strong threads, historical and personal, wonderfully interwoven. For the most part it is light on the actual mathematics, which I found somewhat disappointing (I am an electrical engineer by training, so I have a strong background in applied maths), but is very clear on the key mathematical elements, without being complex, confusing, or boring.
<p>
For me the strongest thread was historical. du Sautoy relates the past history of his discipline with great skill, and genuine enthusiasm. A close second was the more recent history, mixed with the author's own personal involvement with key figures in recent advances in the field. The combination was gripping, and a thoroughly enjoyable read. It also is very suggestive of how God has structured the universe in ways that are both understandable and incredibly creative. A highly recommend read!https://blogs.oracle.com/rtenhove/entry/security_leads_to_insecuritySecurity leads to insecurity?rtenhovehttps://blogs.oracle.com/rtenhove/entry/security_leads_to_insecurity
Fri, 7 Sep 2007 11:13:26 +0000GeneralsecuritywinxpMy spiffy new XP box came with all the security knobs & dials set to "on" (or, perhaps, "11" :-) ). The net effect of this well-meant reconfiguration was the opposite of what was intended -- an extremely insecure PC!I recently purchased a new PC to replace an older (perhaps elderly is a better term) one in our home school classroom before the start of the school year. I ordered it with XP, rather than Vista; I have a lot of reservations about Vista!
<p>
The new machine arrived, with XP SP2 installed, as expected. I set the machine up, carefully purged the unwanted demoware, added the firewall, anti-virus and anti-spyware armor, and plugged it into the network to retrieve its patches from Microsoft. After all, SP2 is fairly old; there have been a lot of patch Tuesdays since 2004!
<p>
I pointed IE6 at the windows update site, and things didn't go too far before I received an error message which simply gave me an eight-digit hexadecimal error code, and an offer to search for it on Microsoft's support pages. "Wow, I've found an obscure problem, if they don't have a text description of the error code!", I thought to myself.
<p>
It wasn't an obscure problem at all. In the name of security, IE6 was shipped with its security settings preset such that it <b>could not</b> even download the ActiveX controls MS uses to drive the update process. Further, when I found the right MS support pages for the mysterious hex error code, the fix it recommended wasn't quite right. I had to study firewall logs to discover what was going on, and adjust IE6's settings accordingly. After that, things went smoothly. (43 "high priority" updates, by the way, and many of them roll-ups of past updates, all security- or stability-related.)
<p>
My first reaction to this little adventure was predictable enough: surely this situation results in a lot of support calls to the computer manufacturer? That has to be expensive, shipping machines with one guaranteed support incident built right in. Not to mention the initial impression the customer must have. It really sounds like somebody forgot to QA the product properly after the security changes were made.
<p>
Then I had a more chilling thought: how many people would actually try to fix this problem? How many would even be aware of it? (The new, tighter security configuration includes shipping with automatic updates set to "on", and you have to know where to look to see if the updates are working at all!)
<p>
This was all beginning to sound like fodder for the <i>Inside Risks</i> column in the Communications of the ACM. In the name of better security, my new computer was configured to heighten the likelihood that I'd unwittingly use a system with three-years worth of vulnerabilities, many of them exploited by now. By increasing security settings locally (on the PC), they actually broke the larger security system that includes timely patches. Ouch!
<p>
This is an instance of a lesson we often forget in the software industry: local optimization can lead to suboptimal global system behavior, often in unexpected ways.https://blogs.oracle.com/rtenhove/entry/jbi_2_0_jsr_filedJBI 2.0 JSR Filedrtenhovehttps://blogs.oracle.com/rtenhove/entry/jbi_2_0_jsr_filed
Wed, 4 Apr 2007 10:51:39 +0000GeneralJust a quick update -- the <a href="http://jcp.org/en/jsr/detail?id=312">JBI 2.0 Java Specification Request</a> (JSR) has been filed with the JCP, and is being voted on by the JCP executive committee in charge of Java SE and EE. (There is a separate EC for Java ME.)
<p>
If you are involved with JBI, especially as a user of the technology, this JSR is for you! Any 1.0 technology needs to grow and improve, and those improvements are directed by the experiences of users, not implementers, of the technology. That's one of the best features of the Java Community Process -- the whole community can get involved, and help shape the technologies. And that is much better than the alternatives...
https://blogs.oracle.com/rtenhove/entry/the_paper_i_never_gaveThe paper I never gave: XML Europe 2003 on ebXML BPSS and BPEL4WSrtenhovehttps://blogs.oracle.com/rtenhove/entry/the_paper_i_never_gave
Mon, 19 Jul 2004 11:13:18 +0000General<p>
I occasionally get requests for a paper that I never wrote! I recently wrote the following message in response to yet another request for the non-existant paper:
<p>
<hr width="100%"/>
Unfortunately, the paper you mentioned was never written. Due to a clerical error on the part of the XML Europe 2003 organisers, the abstract for a paper I proposed to develop was published on their web site, but in fact the paper was never accepted for presentation. Due to the organiser's lack of interest, I did not write the paper. However, I can share with you some of my observations about the current standards situation (which has changed since 2003). There are my personal opinions, and in no way are meant to represent Sun Microsystems' stance on these issues.
<p>
You are not alone in trying to untangle the world of ebXML and BPEL/WSDL/SOAP/WS-\*. It is true that ebXML has not found a large following among software providers in America. The fact that Microsoft and IBM are pushing a separate initiative, known to some as the Global XML Architecture (GXA), has lead most of those software providers to conclude that ebXML is the wrong "horse" to bet on. IBM and MS have rather large coat-tails, after all.
<p>
This conclusion has not been shared by many software development groups and users outside the USA. Asia-Pacific, and to a lesser degree Europe, have embraced ebXML largely because it is royalty-free, it works, and provides many useful functions (reliable messaging via internet, interoperability, security, UMM alignment). GXA is largely a set of proprietary specs, with no implementations save for the lowest-level components (which are being slowly standardized). The really useful functions of ebXML are not yet available in the GXA world, and won't be for several years. For organisations that don't have the luxury of waiting a few years to see how GXA shapes up, this presents an interesting choice.
<p>
The BPSS vs. BPEL debate was largely the result of marketing "wars" related to the ebXML vs. GXA conflict. Comparing BPSS to BPEL is comparing apples to oranges -- they both have different functions in an e-commerce infrastructure. The emerging picture from standards-setting organisations seems to be:
<ul>
<li>At the lowest level, BPEL for performing orchestration of message exchanges. This is a low-level addition to WSDL 1.1, which models message exchanges from a single parties point-of-view only.</li>
<li>Above the BPEL level, a choreography language is need to properly model the "global" message exchange model between multiple parties. This is being developed by the WS-Choreography working group, and is currently named WS-CDL (choreography descripition language). WS-CDL maps to multiple instances of BPEL.</li>
<li>Above the choreography level is BPSS. This models multi-party business processes using a subset of the UMM. Such processes are mappable to one or more instances of WS-CDL.</li>
</ul>
This is the developing picture, based on increasing levels of abstraction, as well as a separation of concerns. The main point is that BPEL is in no way a substitute for BPSS, and <i>vice versa</i>.
<p>
In addition, the BPSS 2.0 will provide more direct support for WSDL-described services. ebXML CPP/CPA is providing direct support for WSDL as well.
<p>
All of these efforts (updated ebXML standards, and the BPEL/WS-CDL/BPSS stack) are aimed at assuring interoperability between the GXA stack and the ebXML set of standards, in places where such interoperability makes sense. Some folks in the industry question whether the GXA authors will allow such interoperability to truly be achieved, but I don't share that concern: customers have a big influence on such things. This is a Good Thing; this will help drive the important qualities of the infrastructure we are developing / standardising.
<p>
I hope this has been of some help.
<p>
Best regards,
<p><i>et cetera</i>